...

View Full Version : undefined variable message



amm777
01-19-2009, 08:29 PM
I am using php to validate form data and insert into a mysql database as well as email the data. Everything works fine except when the form is not validated because required fields are left blank, an error message "Notice: Undefined variable: mailSent" appears at the top of the page. The error indicates the 25th line in the code below.


<?php
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if (array_key_exists('submit', $_POST)) {
//mail processing script
$to = 'amatonis@cmoresearch.com';
$subject = 'website contact form';

//list expected fields
$expected = array('contact_subject', 'question', 'first_name', 'last_name', 'company_name', 'job_title', 'address1', 'address2', 'city', 'state_or_province', 'postal_code', 'phone', 'email');
//set required fields
$required = array('contact_subject', 'question', 'first_name', 'last_name', 'email');
$headers = 'From: Website Contact Form<info@cmoresearch.com>';
$process = 'includes/process_mail.inc.php';
if (file_exists($process) && is_readable($process)) {
include($process);
}
else {
$mailSent = false;
mail($to, 'Server problem', "$process cannot be read", $headers);
}
if ($mailSent) {
require_once('Connections/connAdmin.php');
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO contact (contact_subject, question, first_name, last_name, company_name, job_title, address1, address2, city, state_or_province, postal_code, phone, email) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($_POST['contact_subject'], "text"),
GetSQLValueString($_POST['question'], "text"),
GetSQLValueString($_POST['first_name'], "text"),
GetSQLValueString($_POST['last_name'], "text"),
GetSQLValueString($_POST['company_name'], "text"),
GetSQLValueString($_POST['job_title'], "text"),
GetSQLValueString($_POST['address1'], "text"),
GetSQLValueString($_POST['address2'], "text"),
GetSQLValueString($_POST['city'], "text"),
GetSQLValueString($_POST['state_or_province'], "text"),
GetSQLValueString($_POST['postal_code'], "text"),
GetSQLValueString($_POST['phone'], "text"),
GetSQLValueString($_POST['email'], "text"));

mysql_select_db($database_connAdmin, $connAdmin);
$Result1 = mysql_query($insertSQL, $connAdmin) or die(mysql_error());
}
}
}
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<link href="style.css" rel="stylesheet" type="text/css" />
<!--[if IE]>
<link href="ie.css" rel="stylesheet" type="text/css" />
<![endif]-->
</head>
<body>
<div id="container">
<?php include_once('includes/contact_top.inc.php'); ?>
<?php include_once('includes/head_main.inc.php'); ?>
<?php include_once('includes/horizontal_nav.inc.php'); ?>
<div id="sidebar">
<div id="sidebarFeature">
<h1>Other ways to contact us:</h1>
<h2>By mail</h2>
<p>470 Portage Lakes Drive<br />
Suite 102<br />
Akron, OH 44319</p>
<h2>By phone</h2>
<p>330.564.4211 (local)<br />
888.878.5875 (toll free)</p>
<h2>By email</h2>
<p>info@cmoresearch.com.</p>
</div>
</div>
<div id="content">
<h1>Contact Us</h1>
<?php
if ($_POST && isset($missing) && !empty($missing)) {
?>
<p class="warning">Please complete the missing item(s) indicated.</p>
<?php
}
elseif ($_POST && !$mailSent) {
?>
<p class="warning">Sorry, there was a problem sending your message. Please try again later.</p>
<?php
}
elseif ($_POST && $mailSent) {
?>
<p class="boldTeal">Your message has been sent. Thank you.</p>
<?php } ?>
<p>Complete the form below to request more information from CMOR. (Note: We will never share your personal information with any third party.)</p>
<p>* indicates a required field</p>
<form id="form1" name="form1" method="POST" action="<?php echo $editFormAction; ?>">
<p>
<label for="contact_subject">Subject* <?php
if (isset($missing) && in_array('contact_subject', $missing)) { ?>
<span class="warning">Please enter a subject</span><?php } ?>
</label>
<input type="text" name="contact_subject" id="contact_subject"
<?php if (isset($missing)) {
echo 'value="'.htmlentities($_POST['contact_subject']).'"';
} ?>
/>
</p>
<p>
<label for="question">Question* <?php
if (isset($missing) && in_array('question', $missing)) { ?>
<span class="warning">Please enter a question</span><?php } ?>
</label>
<textarea name="question" id="question" cols="45" rows="5">
<?php if (isset($missing)) {
echo htmlentities($_POST['question']);
} ?>
</textarea>
<label for="first_name">First name* <?php
if (isset($missing) && in_array('first_name', $missing)) { ?>
<span class="warning">Please enter your first name</span><?php } ?>
</label>
<input type="text" name="first_name" id="first_name"
<?php if (isset($missing)) {
echo 'value="'.htmlentities($_POST['first_name']).'"';
} ?>
/>
</p>
<p>
<label for="last_name">Last name* <?php
if (isset($missing) && in_array('last_name', $missing)) { ?>
<span class="warning">Please enter your last name</span><?php } ?>
</label>
<input type="text" name="last_name" id="last_name"
<?php if (isset($missing)) {
echo 'value="'.htmlentities($_POST['last_name']).'"';
} ?>
/>
</p>
<p>
<label for="company_name">Company name</label>
<input type="text" name="company_name" id="company_name"
<?php if (isset($missing)) {
echo 'value="'.htmlentities($_POST['company_name']).'"';
} ?>
/>
</p>
<p>
<label for="job_title">Job title</label>
<input type="text" name="job_title" id="job_title"
<?php if (isset($missing)) {
echo 'value="'.htmlentities($_POST['job_title']).'"';
} ?>
/>
</p>
<p>
<label for="address1">Business address</label>
<input type="text" name="address1" id="address1"
<?php if (isset($missing)) {
echo 'value="'.htmlentities($_POST['address1']).'"';
} ?>
/>
</p>
<p>
<input type="text" name="address2" id="address2"
<?php if (isset($missing)) {
echo 'value="'.htmlentities($_POST['address2']).'"';
} ?>
/>
</p>
<p>
<label for="city">City</label>
<input type="text" name="city" id="city"
<?php if (isset($missing)) {
echo 'value="'.htmlentities($_POST['city']).'"';
} ?>
/>
</p>
<p>
<label for="state_or_province">State / Province</label>
<input type="text" name="state_or_province" id="state_or_province"
<?php if (isset($missing)) {
echo 'value="'.htmlentities($_POST['state_or_province']).'"';
} ?>
/>
</p>
<p>
<label for="postal_code">Postal code (xxxxx)</label>
<input type="text" name="postal_code" id="postal_code"
<?php if (isset($missing)) {
echo 'value="'.htmlentities($_POST['postal_code']).'"';
} ?>
/>
</p>
<p>
<label for="phone">Phone number (xxx-xxx-xxxx)</label>
<input type="text" name="phone" id="phone"
<?php if (isset($missing)) {
echo 'value="'.htmlentities($_POST['phone']).'"';
} ?>
/>
</p>
<p>
<label for="email">Email address* <?php
if (isset($missing) && in_array('email', $missing)) { ?>
<span class="warning">Please enter a valid email address</span><?php } ?>
</label>
<input type="text" name="email" id="email"
<?php if (isset($missing)) {
echo 'value="'.htmlentities($_POST['email']).'"';
} ?>
/>
</p>
<p>
<input type="submit" name="submit" id="submit" value="Submit" />
</p>
<input type="hidden" name="MM_insert" value="form1" />
</form>
</div>
<br class="clearfloat" />
<?php include_once('includes/footer.inc.php'); ?>
</div>
</body>
</html>


Here is the code for the included script that processes the email:


<?php
if (isset($_SERVER['SCRIPT_NAME']) && strpos($_SERVER['SCRIPT_NAME'], '.inc.php')) exit;
// remove escape characters from POST array
if (get_magic_quotes_gpc()) {
function stripslashes_deep($value) {
$value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
return $value;
}
$_POST = array_map('stripslashes_deep', $_POST);
}

// create empty array for any missing fields
$missing = array();

// assume that there is nothing suspect
$suspect = false;
// create a pattern to locate suspect phrases
$pattern = '/Content-Type:|Bcc:|Cc:/i';

// function to check for suspect phrases
function isSuspect($val, $pattern, &$suspect) {
// if the variable is an array, loop through each element
// and pass it recursively back to the same function
if (is_array($val)) {
foreach ($val as $item) {
isSuspect($item, $pattern, $suspect);
}
}
else {
// if one of the suspect phrases is found, set Boolean to true
if (preg_match($pattern, $val)) {
$suspect = true;
}
}
}

// check the $_POST array and any subarrays for suspect content
isSuspect($_POST, $pattern, $suspect);

if ($suspect) {
$mailSent = false;
unset($missing);
}
else {
// process the $_POST variables
foreach ($_POST as $key => $value) {
// assign to temporary variable and strip whitespace if not an array
$temp = is_array($value) ? $value : trim($value);
// if empty and required, add to $missing array
if (empty($temp) && in_array($key, $required)) {
array_push($missing, $key);
}
// otherwise, assign to a variable of the same name as $key
elseif (in_array($key, $expected)) {
${$key} = $temp;
}
}
}

// validate the email address
if (!empty($email)) {
// regex to identify illegal characters in email address
$checkEmail = '/^[^@]+@[^\s\r\n\'";,@%]+$/';
// reject the email address if it doesn't match
if (!preg_match($checkEmail, $email)) {
$suspect = true;
$mailSent = false;
unset($missing);
}
}

// go ahead only if not suspect and all required fields OK
if (!$suspect && empty($missing)) {
// initialize the $message variable
$message = '';
// loop through the $expected array
foreach($expected as $item) {
// assign the value of the current item to $val
if (isset(${$item})) {
$val = ${$item};
}
// if it has no value, assign 'Not selected'
else {
$val = 'Not selected';
}
// if an array, expand as comma-separated string
if (is_array($val)) {
$val = implode(', ', $val);
}
// add label and value to the message body
$message .= ucfirst($item).": $val\n\n";
}

// limit line length to 70 characters
$message = wordwrap($message, 70);

// create Reply-To header
if (!empty($email)) {
$headers .= "\r\nReply-To: $email";
}

// send it
$mailSent = mail($to, $subject, $message, $headers);
if ($mailSent) {
// $missing is no longer needed if the mail is sent, so unset it
unset($missing);
}
}
?>

Can someone please help?

Fumigator
01-19-2009, 08:36 PM
In your "if" statement that checks to see if $mailsent is true, first check to see if $mailsent is defined at all. Use isset() for that.

http://us2.php.net/manual/en/function.isset.php

mlseim
01-19-2009, 08:37 PM
I don't quite follow the code, but try putting a copy of this line ...
$mailSent = false;

right above ...

$mailSent = false;
if (array_key_exists('submit', $_POST)) {

I think it never gets defined because it's within an "else" statement.
Not that my idea will work, but see if the error goes away (it might trigger some ideas).

EDIT ...
Fumigator has a better suggestion than mine.



.

amm777
01-19-2009, 08:42 PM
thank you both... defining the variable above worked great! thanks!:)



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum